minecraftuniversefandomcom-20200214-history
Web of Trust
Web of Trust refers to a ring of Digital Rights Management that is currently being developed by some well-known mod authors, using code contained in Forge Mod Loader to prevent the Minecraft client from starting in certain conditions. Currently, the mods who use these checks are as follows: * Forestry * Industrial Craft 2 * Thaumcraft 3 * RedPower2 * Railcraft Mod Authors are able to digitally sign their mods, and this digital signature ensures that, if another mod were to inject code into the mod, and modify it, it would invalidate the signature, and the mod would therefore refuse to load. This practice is commonplace in the computing world, especially for large corporate companies, like Microsoft Corporation. Forge Mod Loader starts an event an runtime, to ask mods to check their digital signatures; mods can then issue a fail (that can be read by other mods) if their signature does not match. If they do not match, this would mean that the integrity of the mod had been compromised. Ordinarily, this would be a perfectly-acceptable use of this functionality. However, this event's use can be subverted for other checks. Specifically, CovertJaguar has coded Railcraft to check the environment a mod loads in, and what launches the Minecraft Java Client. So far, CovertJaguar has specifically coded his mod to also check (in addition to it's own signature) if Minecraft is being launched by the Plus Plus mod pack launcher. If it detects it, Railcraft will then send a fail, equivalent to the fail it would send out if it's digital signature was invalid. This triggers the mod to crash, which in turn, causes the Minecraft client to crash. This idea was originally used by Industrial Craft 2, and is technically the brainchild of RichardG; IC2 had a similar check for Plus Plus and while this specific check has now been removed, under instruction from Alblaka, the actual checking code itself remains in IC2. The term Web comes from another aspect of code that CovertJaguar has added, and that checks the status of the signature checks from other mods (namely, the aforementioned mods at the beginning of the article); if one or more of the above fail, then Railcraft also fails. Implications The above scenario has grave implications for the average Minecraft player, as the system essentially penalises them for using a mod pack that is either not trusted, or for whom the mod authors do not want the mod used in, and either forces the user to use an unmodified Minecraft environment and launching system, or to use an 'approved' mod pack. This is particularly serious, as there is every possibility that a mod will be coded to access a real-time list of approved mod packs and Minecraft loading environments (Industrial Craft 2 already did this, before it was disabled), and ones suddenly finding themselves foul of the authors could potentially have a user base penalised for it. Modifications Signature Checks also affect modifications made directly to mods (for example, third-party bug fixes). The correct approach is to write the fix as a Coremod, that patches bytecode that is currently running, without interfering with the actual mod code itself.